Abstract:

The dendritic cell algorithm (DCA) is an immune-inspired algorithm based on the function of dendritic cells of the natural immune system. The algorithm performs very well when applied to real-time anomaly detection, but it is difficult to analyze the detected results because of a large number of parameters and stochastic elements. This paper presents a novel dendritic cell algorithm based on the small set of parameters for anomaly detection. It reduces the number of parameters of DCA on the premise of ensuring the correct function of the algorithm, so that the number of parameters is under control. Moreover, the new algorithm yet defines a more concise signal processing procedure, as well as the corresponding anomaly measure and an anomaly threshold. Finally, a port scan data set is applied to test the algorithm. Experimental results show that the new algorithm is an effective form of DCA, the new anomaly measurement is more sensitive and it extends the time of correct classification by 30.3%~56.7%.